Mozilla enables unsafe encryption algorithm again to resolve issues with antivirus software

A new version of Mozilla’s Firefox browser solves an issue that made the antivirus software of G Data crash. A component of the antivirus software that should protect users against malware during internet banking didn’t work as intended with Firefox 43.0.3.


G Data earlier also released an update that fixed the issue, but with Firefox 43.0.4 the issue has also been resolved. The most important feature of this version of Firefox is also the enabling of SHA-1 certificates again. These certificates were blocked by Firefox because the SHA-1 encryption algorithm is no longer regarded as safe. Unfortunately this caused issues with many antivirus products which is why Mozilla enabled support for SHA-1 certificates again.

The block of SHA-1 certificates caused issues as some virus scanners use a ‘man-in-the-middle‘ method when an user tries to connect to an HTTPS site. The man-in-the-middle device sends Firefox a new SHA-1 certificate instead of the server’s real certificate.

However Firefox blocks SSL certificates that are signed with the SHA-1 algorithm since the beginning of this year. This causes that SSL certificates that are generated by antivirus software are blocked and that Firefox users can no longer visit HTTPS sites.

It’s unknown whether Mozilla is working on a workaround for this issue with antivirus software and will enable the SHA-1 block later again.